Description

Session fixation vulnerability in ownCloud before 6.0.2, when PHP is configured to accept session parameters through a GET request, allows remote attackers to hijack web sessions via unspecified vectors.

Remediation

References

CVE-2014-2047

Related Vulnerabilities

WordPress Plugin Read and Understood Multiple Vulnerabilities (2.1)

WordPress Plugin Booking Calendar Cross-Site Request Forgery (4.1.5)

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.14)

Ruby Cryptographic Issues Vulnerability (CVE-2013-4287)

WordPress Plugin WP User-Custom Registration Forms, Login and User Profile Multiple Vulnerabilities (7.0)

Severity

Medium

Classification

CVE-2014-2047 CWE-287

Tags

Missing Update Known Vulnerabilities